When reading the report, I was immediately struck by the revelation that under the bulk telephony metadata collection program, there were as few as 248 “known or presumed U.S. persons who were the subject of queries of information collected in bulk or who were subject to a business records application.”

Since former government contractor Edward Snowden first leaked documents about the NSA’s programs last year, the bulk telephony metadata program has been the most controversial of the revelations.

Only 248 people were queried when the U.S. is conducting such a massive data sweep. The NSA isn’t disclosing in its transparency report how much metadata it is actually collecting.

Initial reports of the Snowden revelations assumed everyone’s telephone metadata was being collected. John C. Inglis, the deputy director of the NSA, told Congress in October there were no alternatives to the program, the New York Times reported.

“It needs to be the whole haystack,” Inglis said. If the United States were looking for the communications of a terrorism suspect, he said, “it needs to be such that when you make a query you come away confident that you have the whole answer.”

It seems in this case the best defense of Americans’ privacy rights is not the Bill of Rights, but stagnant government programs that can’t adapt as quickly as technology does.

When you pair today’s NSA report with the Washington Post report, it’s hard to argue this program can have effective national security applications that outweigh the civil liberties threats it presents. It’s ridiculous that the agency continues to collect almost one-third of Americans’ call data to search only a handful of people, especially since the government doesn’t even have the whole “haystack” it needs.

A more effective transparency report from the DNI would have provided information about how much phone data the government has collected, and from how many individuals.

What does it mean that the government is collecting less than 30 percent of all Americans’ call data? Is it possible that my number is altogether excluded or does the NSA only know about some of my calls?

The report also really doesn’t get at how many people are actually affected by orders made under the Foreign Intelligence Surveillance Act. The report says 1,767 orders based on probable cause affected 1,144 “targets.” However, “targets” are an individual person, group or organization composed of multiple individuals. That means the total number of people targeted could be in the thousands or the millions.

It’s similar to transparency reports we’ve seen from Facebook and Microsoft that give the number of users impacted by FISA orders in bands of 1,000, thereby making it difficult to know how many users were actually affected. These companies had to sue to get the right to disclose the data to the public this way. The government does not face the same restrictions.

It’s great that the DNI is following through on that order that first came in August 2013, but it’s disappointing that it continues to leave so many questions unanswered.